3 function check_passwd()
7 if (empty($_POST['login']) || empty($_POST['passwd']))
10 $sql = sprintf("SELECT * FROM sys_user WHERE login = %s AND passwd = %s",
11 $db->quote($_POST['login']), $db->quote(passwd($_POST['login'], $_POST['passwd'])));
13 $sth = $db->query($sql);
15 if ($sth === false) return false;
17 if ((!empty($_SERVER['HTTP_REFERER']) && substr($_SERVER['HTTP_REFERER'],-12) != '/?login=true')
18 || substr($_SERVER['SCRIPT_FILENAME'],-10) != '/index.php') {
19 error_log('Wrong referer or wrong request uri');
23 if ($row = $sth->fetch()) {
24 $_SESSION['sys'] = array('uid' => $row['id'],
25 'login' => $row['login'],
26 'name' => $row['name'],
27 'email' => $row['email'],
28 'group' => $row['gid'],
29 'theme' => $row['theme'],
30 'basedir' => substr($_SERVER['SCRIPT_FILENAME'],0,-9));
34 error_log('Failed login attempt for user ' . $_POST['login']);
40 $LOGIN_IMG = 'images/login.jpg';
41 if (defined('LOGIN_IMG')) $LOGIN_IMG = LOGIN_IMG;
44 if (file_exists($LOGIN_IMG)) {
45 $info = getimagesize($LOGIN_IMG);
50 <style type="text/css">
52 background-image: url('$LOGIN_IMG');
53 background-repeat: no-repeat;
54 background-position: center center;
59 border: 1px solid #7b7b7b;
66 <div class="login" id="background">
68 <form action="index.php" method="POST">
69 <table id="logintab" class="login" cellpadding="5">
70 <tr><th align="left" colspan="2" style="background: #48b4f8;">Anmeldung</th></tr>
71 <tr><th align="right">Login</th><td><input type="text" name="login" id="login" size="15"></td></tr>
72 <tr><th align="right">Passwort</th><td><input type="password" name="passwd" size="15"></td></tr>
73 <tr><td colspan="2" align="center"><input type="submit" value="Anmelden"></td></tr>
79 <script type="text/javascript">
80 var img_height = $HEIGHT;
81 var inner_height = window.innerHeight - 50;
82 var height = img_height <= inner_height ? img_height : inner_height;
84 var div = document.getElementById("background");
85 div.style.height = height + 'px';
87 var login = document.getElementById("logintab");
88 login.style.position = 'absolute';
89 login.style.top = ((window.innerHeight / 2) - (130 / 2)) + 'px';
90 login.style.left = ((window.innerWidth / 2) - (120 / 2)) + 'px';
92 var inp = document.getElementById("login");